chore: Try to make CodeQL happy (#20094) (#20129)

* chore(common): Split const from unrelated util/clusterauth const Signed-off-by: Josh Soref <jsoref@gmail.com> * chore: Try to make CodeQL happy Signed-off-by: Josh Soref <jsoref@gmail.com> --------- Signed-off-by: Josh Soref <jsoref@gmail.com>
2026-02-20 01:28:45 +01:00 · 2024-09-30 19:37:51 -04:00
parent 04e47cd5d4
commit fc1986e3e5
3 changed files with 33 additions and 23 deletions
--- a/common/common.go
+++ b/common/common.go
@@ -315,7 +315,10 @@ const (
 // Constants used by util/clusterauth package
 const (
 	ClusterAuthRequestTimeout = 10 * time.Second
-	BearerTokenTimeout        = 30 * time.Second
+)
+
+const (
+	BearerTokenTimeout = 30 * time.Second
 )

 const (
@@ -425,8 +428,10 @@ var PermissionDeniedAPIError = status.Error(codes.PermissionDenied, "permission

 // Redis password consts
 const (
-	DefaultRedisInitialPasswordSecretName = "argocd-redis"
-	DefaultRedisInitialPasswordKey        = "auth"
+	// RedisInitialCredentials is the name for the argocd kubernetes secret which will have the redis password
+	RedisInitialCredentials = "argocd-redis"
+	// RedisInitialCredentialsKey is the key for the argocd kubernetes secret that maps to the redis password
+	RedisInitialCredentialsKey = "auth"
 )

 /*
@@ -435,17 +440,17 @@ SetOptionalRedisPasswordFromKubeConfig sets the optional Redis password if it ex
 We specify kubeClient as kubernetes.Interface to allow for mocking in tests, but this should be treated as a kubernetes.Clientset param.
 */
 func SetOptionalRedisPasswordFromKubeConfig(ctx context.Context, kubeClient kubernetes.Interface, namespace string, redisOptions *redis.Options) error {
-	secret, err := kubeClient.CoreV1().Secrets(namespace).Get(ctx, DefaultRedisInitialPasswordSecretName, v1.GetOptions{})
+	secret, err := kubeClient.CoreV1().Secrets(namespace).Get(ctx, RedisInitialCredentials, v1.GetOptions{})
 	if err != nil {
-		return fmt.Errorf("failed to get secret %s/%s: %w", namespace, DefaultRedisInitialPasswordSecretName, err)
+		return fmt.Errorf("failed to get secret %s/%s: %w", namespace, RedisInitialCredentials, err)
 	}
 	if secret == nil {
-		return fmt.Errorf("failed to get secret %s/%s: secret is nil", namespace, DefaultRedisInitialPasswordSecretName)
+		return fmt.Errorf("failed to get secret %s/%s: secret is nil", namespace, RedisInitialCredentials)
 	}
-	_, ok := secret.Data[DefaultRedisInitialPasswordKey]
+	_, ok := secret.Data[RedisInitialCredentialsKey]
 	if !ok {
-		return fmt.Errorf("secret %s/%s does not contain key %s", namespace, DefaultRedisInitialPasswordSecretName, DefaultRedisInitialPasswordKey)
+		return fmt.Errorf("secret %s/%s does not contain key %s", namespace, RedisInitialCredentials, RedisInitialCredentialsKey)
 	}
-	redisOptions.Password = string(secret.Data[DefaultRedisInitialPasswordKey])
+	redisOptions.Password = string(secret.Data[RedisInitialCredentialsKey])
 	return nil
 }
--- a/common/common_test.go
+++ b/common/common_test.go
@@ -63,24 +63,24 @@ func TestSetOptionalRedisPasswordFromKubeConfig(t *testing.T) {
 			expectedPassword: "password123",
 			expectedErr:      "",
 			secret: &corev1.Secret{
-				ObjectMeta: metav1.ObjectMeta{Name: DefaultRedisInitialPasswordSecretName},
-				Data:       map[string][]byte{DefaultRedisInitialPasswordKey: []byte("password123")},
+				ObjectMeta: metav1.ObjectMeta{Name: RedisInitialCredentials},
+				Data:       map[string][]byte{RedisInitialCredentialsKey: []byte("password123")},
 			},
 		},
 		{
 			name:             "Secret does not exist",
 			namespace:        "default",
 			expectedPassword: "",
-			expectedErr:      fmt.Sprintf("failed to get secret default/%s", DefaultRedisInitialPasswordSecretName),
+			expectedErr:      fmt.Sprintf("failed to get secret default/%s", RedisInitialCredentials),
 			secret:           nil,
 		},
 		{
 			name:             "Secret exists without correct key",
 			namespace:        "default",
 			expectedPassword: "",
-			expectedErr:      fmt.Sprintf("secret default/%s does not contain key %s", DefaultRedisInitialPasswordSecretName, DefaultRedisInitialPasswordKey),
+			expectedErr:      fmt.Sprintf("secret default/%s does not contain key %s", RedisInitialCredentials, RedisInitialCredentialsKey),
 			secret: &corev1.Secret{
-				ObjectMeta: metav1.ObjectMeta{Name: DefaultRedisInitialPasswordSecretName},
+				ObjectMeta: metav1.ObjectMeta{Name: RedisInitialCredentials},
 				Data:       map[string][]byte{},
 			},
 		},